Access control has been used for decades to create a list of users that can access a file or service, and to what extent a user can interact with that file or service. Some users may be granted read-only access to a file, while others have read and edit rights. Still other users may have the ability to read, edit, and delete a file.
Access control lists are maintained by an operating system. In some cases, transferring a file from one computer to another may transfer the access control list associated with a file, but if the receiving computer does not have corresponding accounts, or does not enforce access control, the file may either be permanently locked and inaccessible, or unlocked and fully available to any account holder.
When a file is transferred to another type of computer system, for example, from a PC to a UNIX machine, the access control list may be meaningless.
The widespread use of portable media, from early one megabyte floppy disks to multiple gigabyte USB drives, has exacerbated this problem. Entire data sets may be moved quickly and easily, but the controls associated with access to those data sets can become both troublesome and irritating on one hand, and ineffective on the other.